From ec1e0cdf2e7907678914e6717517b64798697ed9 Mon Sep 17 00:00:00 2001
From: Bel LaPointe <breel@qualtrics.com>
Date: Sat, 25 Jul 2020 02:23:04 -0600
Subject: [PATCH] Add nopath for vue things

---
 config/config.go | 21 +++++++++++++++++++++
 config/new.go    |  2 ++
 server/server.go | 15 ++++++++++++++-
 3 files changed, 37 insertions(+), 1 deletion(-)

diff --git a/config/config.go b/config/config.go
index 6c179a8..e4e9317 100755
--- a/config/config.go
+++ b/config/config.go
@@ -1,6 +1,7 @@
 package config
 
 import (
+	"encoding/json"
 	"fmt"
 	"log"
 	"strings"
@@ -78,3 +79,23 @@ func GetTimeout() time.Duration {
 	timeout := conf.Get("timeout").GetDuration()
 	return timeout
 }
+
+func GetCORS(key string) bool {
+	cors := conf.GetString("cors")
+	var m map[string]bool
+	if err := json.Unmarshal([]byte(cors), &m); err != nil {
+		return false
+	}
+	_, ok := m[key]
+	return ok
+}
+
+func GetNoPath(key string) bool {
+	nopath := conf.GetString("nopath")
+	var m map[string]bool
+	if err := json.Unmarshal([]byte(nopath), &m); err != nil {
+		return false
+	}
+	_, ok := m[key]
+	return ok
+}
diff --git a/config/new.go b/config/new.go
index 422ea50..d2cf952 100755
--- a/config/new.go
+++ b/config/new.go
@@ -48,6 +48,8 @@ func parseArgs() (*args.ArgSet, error) {
 	as.Append(args.DURATION, "timeout", "timeout for tunnel", time.Minute)
 	as.Append(args.STRING, "proxy", "double-comma separated (+ if oauth)from,scheme://to.tld:port,oauth,,", "")
 	as.Append(args.STRING, "oauth", "url for boauthz", "")
+	as.Append(args.STRING, "cors", "json dict key:true for keys to set CORS permissive headers, like {\"from\":true}", "{}")
+	as.Append(args.STRING, "nopath", "json dict key:true for keys to remove all path info from forwarded request, like -cors", "{}")
 
 	err := as.Parse()
 	return as, err
diff --git a/server/server.go b/server/server.go
index 08d5527..9f8a9d4 100755
--- a/server/server.go
+++ b/server/server.go
@@ -100,6 +100,17 @@ func (s *Server) Run() error {
 
 func (s *Server) doAuth(foo http.HandlerFunc) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
+		key := mapKey(r.Host)
+		if config.GetCORS(key) {
+			w.Header().Set("Access-Control-Allow-Origin", "*")
+			w.Header().Set("Access-Control-Allow-Headers", "X-Auth-Token, content-type, Content-Type")
+			if r.Method == "OPTIONS" {
+				w.Header().Set("Content-Length", "0")
+				w.Header().Set("Content-Type", "text/plain")
+				w.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, OPTIONS, TRACE, PATCH, HEAD")
+				return
+			}
+		}
 		rusr, rpwd, ok := config.GetAuth()
 		if ok {
 			usr, pwd, ok := r.BasicAuth()
@@ -109,7 +120,6 @@ func (s *Server) doAuth(foo http.HandlerFunc) http.HandlerFunc {
 				return
 			}
 		}
-		key := mapKey(r.Host)
 		ok, err := s.lookupBOAuthZ(key)
 		if err != nil {
 			w.WriteHeader(http.StatusInternalServerError)
@@ -121,6 +131,9 @@ func (s *Server) doAuth(foo http.HandlerFunc) http.HandlerFunc {
 				return
 			}
 		}
+		if config.GetNoPath(key) {
+			r.URL.Path = "/"
+		}
 		foo(w, r)
 	}
 }